Using Perl to grab IP addresses of multiple hostnames

Recently, while conducting a vulnerability assessment for a rather large customer, I was given a list of hostnames from around 20 domains, culminating in a list of over 5000 targets that needed to go through the motions. Due to the scale of the testing I needed to run the scans from several cloud nodes simultaneously to speed up the scanning. The other thing I needed to do was to extract all the IP addresses from the hostnames so as not to scan boxes multiple times when performing port scans, for instance.

I had been playing with Perl for literally a couple of hours and decided to give writing my first Perl script a go in order to grab all the IP addresses from the list of hosts, which I could then unique and sort to get the final list of target IPs. I initially played with the idea of running ping commands or nslookups and then regex’ing the IPs from there, but I discovered a fantastic method called “gethostbyname” in Perl.

After some trial and error I ended up with this little gem that literally shaved days off this vulnerability assessment (5000+ hostnames ended up being less than 1000 IP addresses).

It works by taking each hostname and running the “gethostbyname” function on it, then printing the original hostname and its IP address separated by a “:” so the output is easy to regex or to load with a delimited import in Excel. Feel free to change the delimiter if you so wish. The other feature I added was to set an IP address of “0.0.0.0” whenever a hostname could not be resolved.

Here’s what it looks like in action.

If you want to import the output into another program you can just append “ > output.csv” to the command.
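
The script itself is not reproduced on this page. The following is an added example of the behaviour described above, not the author's original code; the file name resolve_hosts.pl, the input file hosts.txt and the helper resolve_host are assumptions. It goes slightly beyond the description by printing one line per address when a hostname has several A records, so that no target IP is lost to round-robin DNS.

```perl
#!/usr/bin/perl
# Added example: resolve a list of hostnames (one per line) to IPv4 addresses.
# Usage (file names are assumptions):
#   perl resolve_hosts.pl hosts.txt > output.csv
use strict;
use warnings;
use Socket qw(inet_ntoa);

my $DELIM      = ':';          # delimiter described in the post
my $UNRESOLVED = '0.0.0.0';    # marker for names that do not resolve

# Return every IPv4 address for a hostname, or the marker if there is none.
# Perl's built-in gethostbyname only returns IPv4 (AF_INET) addresses.
sub resolve_host {
    my ($host) = @_;
    # List context: (name, aliases, addrtype, length, packed addresses...)
    my (undef, undef, undef, undef, @addrs) = gethostbyname($host);
    return ($UNRESOLVED) unless @addrs;
    return map { inet_ntoa($_) } @addrs;
}

# Read hostnames from the files named on the command line, or from STDIN.
while (my $line = <>) {
    $line =~ s/\r?\n\z//;        # tolerate CRLF line endings from exported lists
    $line =~ s/^\s+|\s+$//g;     # trim surrounding whitespace
    next if $line eq '' or $line =~ /^#/;   # skip blank lines and comments
    print join($DELIM, $line, $_), "\n" for resolve_host($line);
}
```

Lines carrying the 0.0.0.0 marker identify hostnames that did not resolve; filter them out before the IP column is sorted, de-duplicated and handed to a scanner.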